EFTA01074081

IPI 
INTERNATIONAL 
PEACE 
INSTITUTE 
RISK MANAGEMENT POLICY 
1. Introduction 
Risk management is the process of assessing exposures to loss within organizational and 
program activities and determining how best to eliminate, manage or otherwise reduce the risk 
of an adverse event from having a negative impact on the business operations. Risk reduction 
is achieved through policies and procedures, or through contractual transfer of the risk to a 
third party, typically an insurance company. Risk elimination is achieved through avoidance. 
International Peace Institute (IPI) recognizes risk management as an integral component of 
good governance and fundamental in achieving its strategic and operational objectives. It 
improves decision-making, defines opportunities, and mitigates material events that may 
impact its mission. 
The IPI Management Team is responsible for ensuring that IPI programs, activities, and policies 
are conducted in a manner that considers the risk of loss or injury to IPI staff members (which 
include directors, officers, full-time and part-time employees, consultants, interns, and 
volunteers) and to vulnerable persons they may come into contact with during the course of 
their work, in particular women and children. In maintaining IPI's risk management policy, the IPI 
Management Team shall consult with the head of programs, as appropriate. The IPI 
Management Team will work with staff members to carry out this policy. 
2. Methodology 
IPI has adopted an organizational wide framework that incorporates a system of risk 
oversight, risk management, and internal control designed to identify, assess, monitor, and 
manage risks consistent with the Employment Laws and safety and security of its assets, staff 
members, and vulnerable persons in research environments, in particular women and 
children. IPI applies risk management in a well-defined, integrated framework that promotes 
awareness of risks and an understanding of the company's risk tolerances. This enables a 
systematic approach to risk identification, leverage of any opportunities and provides 
treatment strategies to manage, transfer and avoid risks. 
3. Scope 
This policy applies to all staff members at any level of seniority within the business. The policy 
also applies to contractors and consultants working on behalf of IPI. 
IPI's Risk Management Policy has been developed to protect the following: 
• IPI Staff Members 
• Vulnerable persons in research environments (in particular women and children) 
• Organizational Reputation 
EFTA01074081

• Financial Assets 
• Business policy and processes 
4. Responsibilities 
The Board is ultimately responsible for identifying and assessing organizational and program 
activity risks, in particular activities that involve contact with vulnerable persons such as 
women and children, which may impact IPI in achieving its strategic objectives while 
protecting the rights and wellbeing of women and children. The Board is responsible for 
determining the company's risk appetite, overseeing the development and implementation of 
the risk management framework and maintaining an adequate monitoring and reporting 
mechanism. 
The IPI Management Team is responsible for ensuring that organizational and program 
activity risks are identified, analyzed, evaluated, and mitigated. The IPI Management Team 
must develop a sustainable control environment to manage significant risks and champion the 
implementation of risk management processes within their organizational and program 
activities. 
5. Reporting 
The IPI Management Team is responsible to report to the IPI President and the Board risks 
that may impact the organization's operation, programs, and strategic objectives. 
6. Policy Review 
This policy will be reviewed at least annually to ensure effectiveness and its continued 
application and relevance to IPI. 
EFTA01074082